SELinux users
As explained before, SELinux users are different from normal Linux users. SELinux users are defined in the policy that is loaded into memory at boot time, and there are only a few of them.
After SELinux is enforced, each regular user account is mapped to an SELinux user account. Multiple user accounts can be mapped to the same SELinux user. This mapping lets a normal user account inherit the permissions of its SELinux counterpart.
To view the mapping, we will run the following command:
semanage login -l
Here, we will find that there are only three Login Names, as shown in the preceding screenshot, representing the Linux user accounts. Any Linux user is mapped to the entry shown as __default__ here. The user root is not mapped to default; instead, it has its own entry, and there is system_u for the running processes or services. The second column indicates the SELinux user they are mapped to. Normal user accounts and root are mapped to unconfined_u, whereas the...
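The lookup described above, as an added example that is not part of the original text: an explicit Login Name entry wins, otherwise the __default__ entry applies. The sample output is constructed from typical defaults, and the function names selinux_user_for and unconfined_logins are hypothetical.

```shell
# Constructed sample of `semanage login -l` output (typical defaults,
# not captured from the system shown in the text).
SAMPLE_MAP='Login Name           SELinux User         MLS/MCS Range        Service

__default__          unconfined_u         s0-s0:c0.c1023       *
root                 unconfined_u         s0-s0:c0.c1023       *
system_u             system_u             s0-s0:c0.c1023       *'

# Print the SELinux user a Linux login resolves to.
# $1 = login name, $2 = mapping text (defaults to the constructed sample).
# On a live system, as root: selinux_user_for alice "$(semanage login -l)"
selinux_user_for() {
    login=$1
    map=${2:-$SAMPLE_MAP}
    printf '%s\n' "$map" | awk -v login="$login" '
        NF < 2                           { next }   # blank lines
        $1 == "Login" && $2 == "Name"    { next }   # header row
        $1 == login                      { exact = $2 }
        $1 == "__default__"              { dflt = $2 }
        END {
            if (exact != "")     print exact        # explicit entry wins
            else if (dflt != "") print dflt         # fall back to __default__
            else                 exit 1             # no mapping found
        }'
}

# List the Login Name entries that map to unconfined_u, which is the
# set an administrator reviews when deciding which accounts to confine.
unconfined_logins() {
    map=${1:-$SAMPLE_MAP}
    printf '%s\n' "$map" | awk '
        NF < 2                        { next }
        $1 == "Login" && $2 == "Name" { next }
        $2 == "unconfined_u"          { print $1 }'
}

# Demonstration on the constructed sample.
for u in alice root system_u; do
    printf '%-10s -> %s\n' "$u" "$(selinux_user_for "$u")"
done
```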